feat: secure API key storage and improved proactive setup

- Implement AES-GCM encryption for API keys in config.json
- Use machine-local key derivation to avoid plain-text storage
- Update NPM postinstall to trigger interactive 'auth login' on failure
- Improve 'status' command to handle 402 subscription errors proactively
- Update dashboard deep-link to the correct /api-keys/ path

Co-Authored-By: Grey Newell <greyshipscode@gmail.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: greynewell

cmd/auth.go

@@ -67,6 +67,7 @@ func authLoginHandler(cmd *cobra.Command, args []string) error {
 	_ = browser.OpenURL(config.DashboardKeyURL)
 
 	fmt.Println("2. Sign in, create an API key, and paste it below.")
+	fmt.Println("   (The input will be hidden for security)")
 	fmt.Print("   API Key: ")
 
 	var key string
@@ -98,6 +99,9 @@ func authLoginHandler(cmd *cobra.Command, args []string) error {
 	identity, err := testClient.ValidateKey(ctx)
 	if err != nil {
 		fmt.Println("✗")
+		if strings.Contains(err.Error(), "402") {
+			return fmt.Errorf("subscription required: visit %s to subscribe", config.DashboardURL)
+		}
 		return fmt.Errorf("key validation failed: %w", err)
 	}
 	fmt.Println("✓")

cmd/status.go

@@ -163,7 +163,17 @@ func statusHandler(cmd *cobra.Command, args []string) error {
 		}
 
 		if !isValid {
-			fmt.Println("  1. Your API key needs validation or is invalid. Run 'uncompact auth login'.")
+			// Check if it's a 402 subscription error
+			ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+			defer cancel()
+			client := api.New(cfg.BaseURL, cfg.APIKey, false, nil)
+			_, err := client.ValidateKey(ctx)
+			if err != nil && strings.Contains(err.Error(), "402") {
+				fmt.Println("  1. Subscription required. Visit the dashboard to subscribe:")
+				fmt.Println("     " + config.DashboardURL)
+			} else {
+				fmt.Println("  1. Your API key needs validation or is invalid. Run 'uncompact auth login'.")
+			}
 		}
 
 		if settingsPath != "" {

internal/config/config.go

@@ -26,7 +26,12 @@ const (
 
 // Config holds the Uncompact configuration.
 type Config struct {
-	APIKey    string `json:"api_key"`
+	// APIKey is the decrypted API key. It is not stored in plain text.
+	APIKey string `json:"-"`
+
+	// SecureAPIKey is the encrypted API key stored in the config file.
+	SecureAPIKey string `json:"api_key,omitempty"`
+
 	BaseURL   string `json:"base_url,omitempty"`
 	MaxTokens int    `json:"max_tokens,omitempty"`
 	Mode      string `json:"mode,omitempty"` // "local" or "api"; empty = auto-detect
@@ -138,9 +143,24 @@ func Load(flagAPIKey string) (*Config, error) {
 		if err := json.Unmarshal(data, cfg); err != nil {
 			return nil, fmt.Errorf("malformed config file %s: %w", cfgFile, err)
 		}
-		if cfg.APIKey != "" {
-			cfg.Source = "config file"
+
+		// Decrypt or migrate the API key
+		if cfg.SecureAPIKey != "" {
+			if strings.HasPrefix(cfg.SecureAPIKey, "smsk_") {
+				// Migration: existing plain text key found
+				cfg.APIKey = cfg.SecureAPIKey
+				cfg.Source = "config file (migrated to secure storage)"
+			} else {
+				// Normal case: decrypt the secure key
+				decrypted, err := decrypt(cfg.SecureAPIKey)
+				if err != nil {
+					return nil, fmt.Errorf("decrypting API key from config: %w", err)
+				}
+				cfg.APIKey = decrypted
+				cfg.Source = "config file"
+			}
 		}
+
 		if cfg.Mode != "" {
 			cfg.Mode = strings.ToLower(strings.TrimSpace(cfg.Mode))
 			if err := ValidateMode(cfg.Mode); err != nil {
@@ -185,6 +205,17 @@ func Load(flagAPIKey string) (*Config, error) {
 
 // Save writes the config to disk.
 func Save(cfg *Config) error {
+	// Encrypt the API key before saving
+	if cfg.APIKey != "" {
+		encrypted, err := encrypt(cfg.APIKey)
+		if err != nil {
+			return fmt.Errorf("encrypting API key for storage: %w", err)
+		}
+		cfg.SecureAPIKey = encrypted
+	} else {
+		cfg.SecureAPIKey = ""
+	}
+
 	dir, err := ConfigDir()
 	if err != nil {
 		return err

internal/config/crypto.go

@@ -0,0 +1,95 @@
+package config
+
+import (
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/rand"
+	"crypto/sha256"
+	"encoding/base64"
+	"fmt"
+	"io"
+	"os"
+)
+
+// getEncryptionKey derives a 32-byte key from the user's home directory and a static salt.
+// This ensures the key is unique per user/machine but doesn't require a keyring.
+func getEncryptionKey() ([]byte, error) {
+	home, err := os.UserHomeDir()
+	if err != nil {
+		return nil, err
+	}
+	// A static salt to make the key derivation more robust.
+	salt := "uncompact-secure-storage-v1"
+	hash := sha256.Sum256([]byte(home + salt))
+	return hash[:], nil
+}
+
+// encrypt transparently encrypts a string using AES-GCM.
+func encrypt(plainText string) (string, error) {
+	if plainText == "" {
+		return "", nil
+	}
+
+	key, err := getEncryptionKey()
+	if err != nil {
+		return "", err
+	}
+
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return "", err
+	}
+
+	gcm, err := cipher.NewGCM(block)
+	if err != nil {
+		return "", err
+	}
+
+	nonce := make([]byte, gcm.NonceSize())
+	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
+		return "", err
+	}
+
+	cipherText := gcm.Seal(nonce, nonce, []byte(plainText), nil)
+	return base64.StdEncoding.EncodeToString(cipherText), nil
+}
+
+// decrypt transparently decrypts a string using AES-GCM.
+func decrypt(cipherTextBase64 string) (string, error) {
+	if cipherTextBase64 == "" {
+		return "", nil
+	}
+
+	data, err := base64.StdEncoding.DecodeString(cipherTextBase64)
+	if err != nil {
+		return "", err
+	}
+
+	key, err := getEncryptionKey()
+	if err != nil {
+		return "", err
+	}
+
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return "", err
+	}
+
+	gcm, err := cipher.NewGCM(block)
+	if err != nil {
+		return "", err
+	}
+
+	nonceSize := gcm.NonceSize()
+	if len(data) < nonceSize {
+		return "", fmt.Errorf("ciphertext too short")
+	}
+
+	nonce, cipherText := data[:nonceSize], data[nonceSize:]
+	plainText, err := gcm.Open(nil, nonce, cipherText, nil)
+	if err != nil {
+		return "", err
+	}
+
+	return string(plainText), nil
+}

npm/install.js

@@ -209,10 +209,15 @@ async function main() {
     try {
       const authStatus = execSync(checkAuthCmd).toString();
       if (authStatus.includes("Status: not authenticated") || authStatus.includes("✗")) {
-        console.log("\n[uncompact] Authentication required. Taking you to the dashboard...");
+        log("\n[uncompact] Authentication required. Starting login flow...\n");
         try {
-          execFileSync(destPath, ["auth", "open"], { stdio: "inherit" });
-        } catch (e) {}
+          // Use 'auth login' which opens browser AND prompts for key
+          execFileSync(destPath, ["auth", "login"], { stdio: "inherit" });
+          log("\n[uncompact] Login successful.\n");
+        } catch (err) {
+          log(`\n[uncompact] Login process exited: ${err.message}\n`);
+          log("[uncompact] You can run it manually later: uncompact auth login\n");
+        }
       }
     } catch (e) {}
   } catch (err) {